[rt-users] All users can comment despite that right being revoked
Alex Hall
ahall at autodist.com
Thu Dec 15 12:08:33 EST 2016
I've just discovered that "modify tickets" includes--for some strange
reason--the comment right. Thus, if we want users to be able to modify
other aspects of tickets, they automatically get granted the right to
comment as well. This seems like an odd decision, but at least I think I've
found the problem.
Back to removing the option from the Actions menu, then. I've been
searching, but I don't know where this action gets added. I've found a few
places where some actions are added to @Actions, but never "comment".
You mentioned a rights debugger in 4.6. Is 4.6 out for testing? Rights
debugging sounds very useful!
On Thu, Dec 15, 2016 at 11:56 AM, Matt Zagrabelny <mzagrabe at d.umn.edu>
wrote:
> Hi Alex,
>
> On Thu, Dec 15, 2016 at 8:28 AM, Alex Hall <ahall at autodist.com> wrote:
> > Hi all,
> > We've just discovered something odd. It seems that all users can comment
> on
> > tickets, even though we've removed the "comment on tickets" right
> everywhere
> > we've found it--all groups, privileged users, everyone, etc. I could
> simply
> > remove the comment action from the actions list, but I'd rather find out
> why
> > the right revoking isn't doing what I thought.
> >
> > Is there a way to search the RT database to see where this right is
> enabled,
> > to check that none of us (admins) missed it somewhere? Is there a second
> > right that might cause this action to appear, that isn't called "comment
> on
> > tickets"? Maybe we've just overlooked something seemingly not important
> but
> > that actually causes commenting to be granted?
> >
> > To clarify my "search the database" question: I know SQL and how to query
> > the RT database. I just don't know which tables or columns to include, or
> > what value to look for. Thanks.
>
> Have you checked your global rights?
>
> Admin -> Global -> Groups
>
> PS. There might be a rights debugger in 4.6.
>
> -m
>
--
Alex Hall
Automatic Distributors, IT department
ahall at autodist.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20161215/f49a82e6/attachment.htm>
More information about the rt-users
mailing list